Terteling Company hit by phishing attack

By: Sharon FisherJuly 9, 2018Comments Off on Terteling Company hit by phishing attack

A worker at Western States Equipment. File photo.

The Terteling Company fell victim to a phishing attack but doesn’t think any employee or customer data was actually downloaded.

The Boise firm is a holding company for a variety of Idaho agricultural businesses including Western States Equipment Co., the certified Caterpillar tractor dealer for the area; Agri-Service; the 36th Street Garden Center and Bistro; and Red Horse Mountain Ranch.

The incident happened on May 1 through an email message purporting to be from an employee. “It looked like legitimate email,” said Michael Romans, director of marketing. The company has had cybersecurity training for the past year. “We’re trying to educate our employees on how to recognize phishing attacks,” he said. The company reported the incident to local and federal law enforcement officials and is also taking other steps, which he wouldn’t reveal, to tighten security.

The company said it had no indication that any data was released. “We’re not aware of them making any downloads of information,” Romans said. “We knew someone was inside our system, but we can’t tell what they looked at, what their intention was, or if they tried to download any of the information.” Employee payroll and personal benefit data, including information on participation in the health plan, and customer information submitted to Western States was on the system. The data wasn’t encrypted while it was stored, he said.

“Most computer intrusions and data breaches can be fixed with human policy intervention,” said Clark Harshbarger, special agent for the Federal Bureau of Investigation, in Boise, who said that he was not familiar with the details of the Terteling incident. A company web or email administrator can configure the system to append “[EXTERNAL]” to email from outside the company to help employees recognize that an email message actually doesn’t come from within the company and shouldn’t be asking for that type of information, he suggested.

Another alternative is requiring dual authentication – a second person — before significant releases of data or money, he said. “Two keys to the kingdom solves 98 percent of their problems,” he said.